1. Caddy version:
v2.5.2 (I use the old version because of SSL issues with the latest version, but I don’t want to solve this issue… it’s too much work for me)
You can check this issue with Caddy 2.5.2 and this guide: https://www.reddit.com/r/selfhosted/comments/shvkkb/reverse_proxy_client_certificates_for_dummies/?utm_source=share&utm_medium=ios_app&utm_name=iossmf
Same posteo with the latest Caddy 2.6.4 (Docker)
2. How I installed, and run Caddy:
Docker
a. System environment:
Debian 11
b. Command:
c. Service/unit/compose file:
Caddy docker-compose.yml:
version: "3.7"
networks:
  net:
    driver: bridge
services:
  caddy:
    image: caddy:latest
    #image: caddy:2.5.2
    container_name: caddy-proxy
    restart: always
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - /dockerdata/caddy/Caddyfile:/etc/caddy/Caddyfile
      - ./data:/data
      - ./config:/config
      - ./www:/srv
    labels:
      - "com.centurylinklabs.watchtower.enable=false"
    mem_limit: 150m
    networks:
      default:
        ipv4_address: 172.30.0.2
Caddyfile:
mail.url.com {
    reverse_proxy http://mailserver:80
}
Poste_io docker-compose.yml:
version: "3"
services:
  mailserver:
    image: analogic/poste.io
    container_name: mailserver
    hostname: mail
    domainname: mail.url.com
    ports:
      #- "80:80" # Webmail/Admin
      - "25:25" # SMTP (explicit TLS => STARTTLS)
      - "465:465" # ESMTP (implicit TLS)
      - "587:587" # ESMTP (explicit TLS => STARTTLS)
      - "143:143" # IMAP4
      - "993:993" # IMAP4 (implicit TLS)
    volumes:
      - ./mail:/data
      - ./mail/webmail/plugins:/opt/www/webmail/plugins
      - ./mail/webmail/config:/opt/www/webmail/config
      - /etc/localtime:/etc/localtime:ro
    environment:
      - TZ=Europe/Berlin
      - HTTPS=OFF
      - VIRTUAL_HOST=mail.url.com
      - VIRTUAL_PORT=80
      - DISABLE_CLAMAV=FALSE
    restart: always
Now I create a network “caddyposteo” (I would prefer IP without a network, but this doesn’t work):
docker network create caddyposteo
and connect both Caddy and posteo together.
Now I can reach https URL/admin with SSL from the Caddy container.
After configuring the admin panel and switching to https URL/webmail, I receive a 500 error.
In the poste_io documentation they wrote that I should forward .well-known to the poste_io Docker container… but I had no success.
A working config is this one:
(It’s for an old Caddy version)
=> URL:gist.github.com/MrDrMcCoy/fa79582c02f87ea50792056f0e06822f
d. My complete Caddy config:
3. The problem I’m having:
Posteio has an integrated nginx with cert generation via LE. The issue is, it works standalone via 80/443, but I did not find a way to create a working Caddyfile (for Caddy 2).
I tried changing the port of posteio in Docker and so on, but all without success.
I always receive 500/502.
I would like to proxy_redirect to poste.io via IP and port and not via a connected network (so no https://mailserver:443; I would like to do it like Vaultwarden, via IP and port).